Authors

Abstract

The number of phishing e-mails sent to users’ inboxes at organizations increases every year, putting users under constant threat of data or identity theft. In finding ways to motivate users to protect them-selves and their organization from such threats, IS security researchers using protection motivation theory (PMT) have made notable contributions to the relationship between appraisal processes and adaptive responses. In this study, we argue that security awareness is the missing link that can explain what makes cues salient. To observe this link, we have recently conducted a multi-method experimental design including eye tracking, facial analysis, and survey components to shed light on the relationship between users’ awareness and appraisal processes. Our study also contributes to prior literature by observing the effect of fear appeal manipulations on this relationship and the role of fear in user protection motivation. Additionally, we are able to uncover actual security-related behaviors.